Sunday, October 23, 2011

PHP Business Rules

The purpose of the business rules layer is to prevent gibberish being written to a database. If you have a field designated to record currency values, you don't want someone posting a long letter to their mother to it. Of course if you try to write text to a numeric field the database itself will probably reject it, but doing so wastes server resources and risks corrupting the database.

And in an age of web applications, where servers and clients are separated by long distance and heavy traffic, sending redundant requests to the server wastes time and annoys the user.

There are two aspects to the business rules layer:

  1. The coded rules;
  2. The front end manifestation when one or more of the conditions set out in the rules is not met.

In the olden days, if you tried to make an illegal entry into a database field, a new window or dialog box opened up with a rude message, and sometimes the computer would beep at you. The dialog box would then have to be closed manually by the user before they could continue with their work.

Nowadays a more subtle approach is preferred. Usually a message is written on to the data entry form itself, just above or close to the field with the inappropriate or missing entry.

In the case of a login screen, nothing is being written to the database, and a null field is conceptually similar to an incorrect entry, so some applications skip business rules in the login screen and send null fields for checking against the database along with everything else.

My server is particularly slow, and I am always aware of the implicit cost of making unnecessary calls on the database, so I shall write a couple of lines to ensure users at least put something in both username and password fields.

The login screen shown in my previous post was written in HTML and tested at home. I shall now have to migrate across to PHP and as I don't have PHP installed at home, I shall have to work on my web host server.

The PHP script will open with the include() statement and a variable declaration for the error condition:

include('dbinfo.php'); // get database information
$error = false; //boolean used to contain error condition

It will continue with the equivalent of event code for the button click event. In this case there is no need to register an actual event, because the login button is calling the containing page:

<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">

The code for the whole page is rerun when the button is clicked, so there is no need to register the event as such, but rather the condition of having been clicked:

if (isset($_POST['login'])) {
// variables filled with form inputs
$usertype = $_POST['usertype'];
$username = $_POST['username'];
$password = $_POST['password'];
// check that neither field is empty
if ( !empty($firstname) && !empty($lastname) ) {
//run crunchy code
} else {
$error = true; // error condition met
} // end of empty field check
} // end of buttonclicked conditional code

The "crunchy code" will be discussed later. For now, I need to insert a couple of extra lines into the page to use the $error variable. The first insert goes at the top of the <div> I called row2, which holds the username field:

<?php
if ( $error && empty($username) ) {
echo '<span style="gt;Oh Dear! You did not enter your name.</span><br>',"\n";
}
?>

The second insert goes at the top of the <div> I called row3, which holds the password field:

<?php
if ( $error && empty($password) ) {
echo '<span style="gt;Oh Dear! You did not enter your password.</span><br>',"\n";
}
?>

I have to admit that this is easier using the <div> tag than it would have been using a table. A table would have required a new row, and a cell spanning two column widths for each insert. Using the <div> tag, I just squashed the new code inside the containing division and above the two floating "cells".

The code for the whole page has now become:

<?php
include('dbinfo.php'); // get database information
$error = false; //boolean used to contain error condition
/**
* The code below is ignored when the page loads
* but is run on reload after button click.
*/
if (isset($_POST['login'])) {
// variables filled with form inputs
$usertype = $_POST['usertype'];
$username = $_POST['username'];
$password = $_POST['password'];
// check that neither field is empty
if ( !empty($firstname) && !empty($lastname) ) {
//run crunchy code
} else {
$error = true; // error condition met
} // end of input check
} // end of buttonclicked conditional code
?>

<html>
<head>
<title>Active Math Java Private Portal</title>
<link rel="stylesheet" type="text/css" href="pportal.css" />
</head>
<body>
<div id="container">
<div id="header">
<h1 class="top">Rasch-ItemBank</h1>
<h3 class="top">A
<a class="top" href="http://www.interactived.com/softway.htm">
Softway</a> Open Source Project <br/>
Hosted by <a class="top" href="http://java.net/projects">Java.net</a>
</h3>
</div>
<div id="left">
<b>Menu</b><br />
<a class="menu" href="http://www.interactived.com/softway.htm">Home</a><br />
<a class="menu" href="http://www.interactived.com/research.htm">Research</a><br />
<a class="menu" href="http://www.interactived.com/software.htm">Software</a>
</div>
<div id="content" style="height:400px;width:85%;">
<h1 class="main">Active Math Java</h1>
<h3 class="main">Private Portal<br/>
The Blueridge School of Apalit, Inc.
</h3>
<div id=logintable class=inputtable>
<div id=row1 class=row>
<h3>Initial Login Screen</h3>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<div id=row1 class=row>
<div id=cell11 class=col1>Please select user or admin</div>
<div id=cell12 class=col2>
<select name="usertype" class=cbox>
<option value="user">user</option>
<option value="admin">admin</option>
</select>
</div>
</div><br/>
<div id=row2 class=row>
<?php
if ( $error && empty($username) ) {
echo '<span style="gt;Oh Dear! You did not enter your name.</span><br>',"\n";
}
?>
<div id=cell21 class=col1>Please enter your name</div>
<div id=cell22 class=col2><input type="text" name="username" class=itext /></div>
</div><br/>
<div id=row3 class=row>
<?php
if ( $error && empty($password) ) {
echo '<span style="gt;Oh Dear! You did not enter your password.</span><br>',"\n";
}
?>
<div id=cell31 class=col1>Please enter your password</div>
<div id=cell32 class=col2><input type="password" name="password" class=itext /></div>
</div><br/>
<div id=row4 class=row>
<div id=cell41 class=col1>Click button to log in</div>
<div id=cell42 class=col2><input type="submit" name="login" value="Log in to Portal" class=itext /></div>
</div><br/>
</form>
</div>
</div>
</div>

<div id="footer">
Helping Children to Achieve their Potential</div>
</div>
</body>
</html>

And when I clicked the login button, with two empty fields, the page came up as shown below:

No comments: